How to Redirect after STS authentication?


2

My application authenticates users through STS. Authentication can go to STS and validate the user PIN on the card. But how do I have it redirected to the "home" page of my site after authentication?

Addendum:

  1. I don’t have access to the STS admin;
  2. I use the FederatedPassiveSignIn component contained in Microsoft.IdentityModel.Web.Controls;
  3. I tried using the Signed_in method to capture the moment after authentication at the STS, but it did not work;
  4. The way I was able to redirect earlier was by using the Load event; however, this is executed every time the page is loaded (obviously).

The code follows:

<div style="margin-left: 360px; margin-top: 100px; margin-bottom: 100px;">
        <wif:FederatedPassiveSignIn ID="FederatedPassiveSignIn1" runat="server"
            Issuer="<%$AppSettings:CORP.STS.Certificado%>"
            RequireHttps="False" Realm="<%$AppSettings:CORP.STS.UrlCliente%>"
            UseFederationPropertiesFromConfiguration="false" RememberMeText="Lembre minha Senha."
            SignInImageUrl="~/Images/ec_b.gif" TitleText="Autenticar Certificado Digital" OnSignedIn="FederatedPassiveSignIn1_SignedIn" >
            <SignInButtonStyle Height="80px" />
        </wif:FederatedPassiveSignIn>
        <div id="errorMessage">
            <asp:Label Text="text" ID="lblError" runat="server" Visible="false" ForeColor="Red" style="margin-left:-200px;" />
        </div>
    </div>

And in the code-behind:

 protected void FederatedPassiveSignIn1_SignedIn(object sender, EventArgs e)
 {
     Response.Redirect("MinhaPagina.aspx");
 }

  • Isn’t it possible to run an Ajax routine that returns whether the user is logged in?

  • No. I will only know if the user is logged in if the STS tells me yes or no.

  • So... Isn’t it possible to do a periodic query to the method that returns the login status, and take the relevant action from that moment on? You would have a server side that would just return the status, and the JavaScript would be in charge of checking, via AJAX, the login status of the user and redirecting, if applicable.

  • It works like this: passive authentication goes to the STS, which does what it has to do, and returns me a token saying whether the user is authenticated or not. The point is: where do I check the token? In which event? From that point I will know how to redirect to the page. There is no way to see this via JS, as I have to look at the chain of claims that the STS returned to me.

  • Yeah, man, unfortunately in this case I will not be able to help you... I do not understand the architecture you are using. Let’s hope there’s someone more enlightened around here!

  • @okevinlira Can you post the complete code of your FederatedPassiveSignIn class? I suspect the event is not being fired.

  • Gypsy, FederatedPassiveSignIn is a class from Microsoft.IdentityModel.Web.Controls; there’s no way I can give you its code, lol.

  • @Kenny Rafael, yes, it is C#! Although I don’t have (much) C# code in the body of the question, how would I solve a Windows Federation Authentication (WIF) authentication if it weren’t with C#?

  • It wasn’t me who removed the C# tag...

  • Whoa, my bad then; it’s just that your name appeared in the revision. Anyway, whoever it was did wrong...


1 answer

0


I managed to get around it like this... It’s not the best way (I believe), but it works.

// Namespaces needed at the top of the code-behind file:
using System;
using System.Linq;
using System.Threading;
using System.Web.Security;
using Microsoft.IdentityModel.Claims;

protected void FederatedPassiveSignIn1_Load(object sender, EventArgs e)
{
    if (IsPostBack) return;

    try
    {
        // After the STS round trip, WIF exposes the validated token as the current principal.
        var principal = Thread.CurrentPrincipal as IClaimsPrincipal;
        if (principal == null || !principal.Identity.IsAuthenticated) return;

        var identity = (IClaimsIdentity)principal.Identity;
        string userId = "";
        // Takes the value of the last claim whose type contains "login".
        foreach (var c in identity.Claims.Where(c => c.ClaimType.ToLower().Contains("login")))
            userId = c.Value;

        var usuario = ObterUsuario(principal);
        var juris = new ServicoJurisdicao.JurisdicaoClient();
        var jurisdicoesDeUsuario = juris.ConsultarJurisdicoesUsuario(usuario);

        // Add one locally issued claim per jurisdiction of the user.
        foreach (var jurisdicao in jurisdicoesDeUsuario)
        {
            identity.Claims.Add(new Claim("http://schemas.CORP.com.br/identity/claims/Jurisdicao", jurisdicao.ToString(),
                ClaimValueTypes.String, ObterNomeEmissor()));
        }

        // Each claim also has a type, a string that defines the kind of information it contains:
        Response.Write("Tipo de Claim: " + identity.Claims[0].ClaimType);

        var ipAddress = Request.UserHostAddress;

        var sessionProxy = SessionProxy.getInstance();
        sessionProxy.setConfUserIP(ipAddress);
        sessionProxy.setConfUserId(userId);
        sessionProxy.setIdentity(identity);

        /* Forms authentication (true = persistent cookie) */
        FormsAuthentication.SetAuthCookie(userId, true);

        // endResponse: false avoids the ThreadAbortException that Response.Redirect(url)
        // raises, which the catch block below would otherwise log as a login error.
        Response.Redirect(ResolveUrl("~/"), false);
        Context.ApplicationInstance.CompleteRequest();
    }
    catch (Exception err)
    {
        lblError.Text = err.Message;
        PECv2.Handlers.SimpleLog.SaveLogEventvwrError(err, "PecV2 - Login");
        lblError.Visible = true;
        return;
    }
}
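
The answer above takes the user ID from any claim whose type contains "login" and then issues a forms-authentication cookie for it. As an added example (not code from the original post), here is a stricter lookup that accepts only an exact claim type from the expected issuer and refuses ambiguous results; the `LoginClaimReader` class, the claim type URI and the issuer name are placeholders to be replaced with what the STS actually emits.

```csharp
using System;
using System.Linq;
using Microsoft.IdentityModel.Claims;

// Hypothetical helper, not part of WIF or of the original post.
public static class LoginClaimReader
{
    // Placeholder values (assumptions): use the exact claim type and issuer
    // name found in the tokens returned by your STS.
    private const string LoginClaimType = "http://schemas.example.test/identity/claims/login";
    private const string TrustedIssuer = "EXAMPLE-STS-ISSUER";

    // Returns the user ID only when the identity is authenticated and carries
    // exactly one distinct, non-empty login claim of the exact type that was
    // issued by the trusted STS. Returns null in every other case.
    public static string GetUserId(IClaimsIdentity identity)
    {
        if (identity == null || !identity.IsAuthenticated)
            return null;

        var values = identity.Claims
            // Exact, case-sensitive match instead of a "contains" test, so an
            // unrelated claim type that merely includes "login" is ignored.
            .Where(c => string.Equals(c.ClaimType, LoginClaimType, StringComparison.Ordinal))
            // Claims added locally after sign-in carry a different issuer and
            // must not be able to supply the user ID.
            .Where(c => string.Equals(c.Issuer, TrustedIssuer, StringComparison.Ordinal))
            .Select(c => c.Value)
            .Where(v => !string.IsNullOrEmpty(v))
            .Distinct(StringComparer.Ordinal)
            .ToList();

        // Zero matches or several conflicting values: treat as a failed sign-in
        // rather than letting the last claim win.
        return values.Count == 1 ? values[0] : null;
    }
}
```

In the Load handler, a null result would be handled as a failed sign-in (show the error label and return) before `FormsAuthentication.SetAuthCookie` is reached.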
